FKIE_CVE-2014-1562

Vulnerability from fkie_nvd - Published: 2014-09-03 10:55 - Updated: 2025-11-25 17:50
Severity ?
Summary
Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
security@mozilla.orghttp://secunia.com/advisories/60148
security@mozilla.orghttp://secunia.com/advisories/60186
security@mozilla.orghttp://secunia.com/advisories/61114
security@mozilla.orghttp://secunia.com/advisories/61390
security@mozilla.orghttp://www.debian.org/security/2014/dsa-3018
security@mozilla.orghttp://www.debian.org/security/2014/dsa-3028
security@mozilla.orghttp://www.mozilla.org/security/announce/2014/mfsa2014-67.htmlVendor Advisory
security@mozilla.orghttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
security@mozilla.orghttp://www.securityfocus.com/bid/69519
security@mozilla.orghttp://www.securitytracker.com/id/1030793
security@mozilla.orghttp://www.securitytracker.com/id/1030794
security@mozilla.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=1054359
security@mozilla.orghttps://security.gentoo.org/glsa/201504-01
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60148
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60186
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61114
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61390
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-3018
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-3028
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2014/mfsa2014-67.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/69519
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030793
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030794
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=1054359
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201504-01
Impacted products
Vendor Product Version
mozilla firefox 24.0
mozilla firefox 24.0.1
mozilla firefox 24.0.2
mozilla firefox 24.1.0
mozilla firefox 24.1.1
mozilla firefox 31.0
mozilla firefox_esr 24.2
mozilla firefox_esr 24.3
mozilla firefox_esr 24.4
mozilla firefox_esr 24.5
mozilla firefox_esr 24.6
mozilla firefox_esr 24.7
mozilla thunderbird 24.0
mozilla thunderbird 24.0.1
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.2
mozilla thunderbird 24.3
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.6
mozilla thunderbird 24.7
mozilla thunderbird 31.0
mozilla firefox *
mozilla firefox 30.0
mozilla firefox 31.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E772D1-DD0F-4F04-8BB4-9550F3C601E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:24.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B31FDE6-3EA6-4946-9A76-605F3C561C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:24.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "46964729-D50D-4F17-A2F9-584A25E6F8DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:24.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "050A0328-B07A-4CC7-B42E-A034F3140032",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:24.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "732CC40B-BCBA-436B-956F-52BE28D9B79B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11F024A-A8B7-405B-8A13-4BF406FBDB22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox_esr:24.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A237D8D8-5656-4537-AD08-30CB8B4DAD63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox_esr:24.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "04B61AC7-E951-407F-A62E-490F9FEDE9C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox_esr:24.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F70319-C8E4-4F54-9449-B0C3A59BF7C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox_esr:24.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CAD5F3B-54D7-425B-89D2-A3A86DE31BAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox_esr:24.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D4B068-3456-4748-94BE-ACBA6A026570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox_esr:24.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A0674F-9FAA-4493-A7DD-BC084C4E1E6A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CCAFDF1-10BB-4AB0-9C9D-E99DDBA901BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "31EE89B8-705F-4A05-9015-3D6E81D394E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30AE3D4-6A3E-435E-BDBF-1A9A17297433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C705A0-62C0-485A-A077-C7DD426F80B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C802A7-E4D5-4D2D-9CE8-749A75DF7461",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E8A57FA-AC27-4288-8E42-97DECF3B993C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D474B11-98D0-41A3-A98B-CFB6955264AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBD940E-9EF0-460B-A721-E70C719F2244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "063FC215-D9D2-40D0-A8A5-6289890EF9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:24.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "79E7E9DF-322E-474F-9204-E7189929490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "707DE052-DE3E-4FC3-994C-52FF7B5373C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D8AEBE9-C88E-47F0-8ACC-18DADFD571A0",
              "versionEndIncluding": "31.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38EBC9E7-46AD-4DCD-AA7B-5071F55E3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11F024A-A8B7-405B-8A13-4BF406FBDB22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el motor del navegador en Mozilla Firefox anterior a 32.0, Firefox ESR 24.x anterior a 24.8 y 31.x anterior a 31.1 y Thunderbird 24.x anterior a 24.8 y 31.x anterior a 31.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de la memoria y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2014-1562",
  "lastModified": "2025-11-25T17:50:16.803",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-09-03T10:55:06.557",
  "references": [
    {
      "source": "security@mozilla.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://secunia.com/advisories/60148"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://secunia.com/advisories/60186"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://secunia.com/advisories/61114"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://secunia.com/advisories/61390"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://www.debian.org/security/2014/dsa-3018"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://www.debian.org/security/2014/dsa-3028"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-67.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://www.securityfocus.com/bid/69519"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://www.securitytracker.com/id/1030793"
    },
    {
      "source": "security@mozilla.org",
      "url": "http://www.securitytracker.com/id/1030794"
    },
    {
      "source": "security@mozilla.org",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1054359"
    },
    {
      "source": "security@mozilla.org",
      "url": "https://security.gentoo.org/glsa/201504-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60186"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-3018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-3028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-67.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/69519"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1054359"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201504-01"
    }
  ],
  "sourceIdentifier": "security@mozilla.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.